I have a node/express server running on port 3000 that uses @node-saml/passport-saml library to implement SAML-based SSO where the IPD is auth0. Below are the code snippet screenshot. Everything works fine when I hit the /user/saml/login route from the browser. If the user is not logged in, I am getting an auth0 login screen to log in and afterwards things are as expected. However, I have an Angular app that is running on port 4200 which is supposed to hit the /user/saml/login URL. But when I try to hit the same it is throwing the below CORS error. I do understand that I need to whitelist all the domains but not sure where I need to register them and I have tried a couple of things, but none seems to work. Can anybody help me to fix the issue?
Access to XMLHttpRequest at 'https://*********.us.auth0.com/samlp/qoXz8WXQzujzkZbsSoMvftJsbx8GCpoW?SAMLRequest=nVPBjtowEP2VyHcSB0oIFrCioLZUu1sKtLvaS%2BU4w%2BLi2MHjsJSvrwlQcSh74BRp5vnNm%2FcmvbtdoYItWJRG90kcUnI36CEvVMmGlVvpGWwqQBd4mEZWN%2FqkspoZjhKZ5gUgc4LNhw%2F3rBlSVlrjjDCKBJNxn%2FzqdgVNlkkzThLepVy0YpG0eSdLEmhDB%2BJ2kqWp4ECCn2cRnsU%2FRqxgotFx7XyJNlsN2mnQ7oI2Gf3A2p0wbaUvJJiexn2UOpf69X1t2RGE7MtiMW1Mv80XJBj77aTmrh69cq5EFkU5bBsS9HrTaZVhhSH3VtBQmCKqHYg25nmfPj1%2F31e%2F9%2BuXDOfmYbt0XzHbpZ9HpXkiwRAR7IF0ZDRWBdg52K0U8GN2fxzjpygjuFoZdKxFKY14KaPKv6pn%2BOar1JEHqIyLNTmGwmpb7EUa7y%2FMzyrI4AC7ulYvumA%2F5%2F%2Fo6SbjqVFS%2FLkl%2F6FS5m1kgTvoE2crn%2FEnYwvurhPEYVxXZN5Y1lAGBZdqmOcWEEl0lna6SsjrG%2FUWO9jddKMjU5TcSjyEDzsu3NnoS%2BKR8j7OYHmr7VdhgokDtS9P%2FefN2PxwziD8YgvLNZbGulM0%2F9MzOPau2PGve%2FkfD%2F4C' (redirected from 'http://localhost:3000/api/user/saml/login') from origin 'http://localhost:4200' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.